@temhawk, just leave screen sharing turned off. You don't likely need it so don't leave yourself vulnerable. Screen sharing, which is just VNC, is routinely hacked on all systems because by default it passes information in clear text, and that makes it easy to find out your password. So just leave the feature disabled and you'll be fine.
 
Thanks, I've turned it off now. If I'm not gonna use it, you're right, I can just keep it turned off. That sounds worrisome that VNC sends everything in plaintext!

I also noticed that I didn't have Firewall turned on in System Preferences -> Security. How big of a security issue could that have been? I have turned it on now, blocked all connections except the "important" ones or what they're called, and even turned on "stealth mode" (is that one any good, d'you know?).

I also have Web Sharing turned on and modified my Apache settings so that I could access ~/Me/Sites by typing "http://localhost/" in my browser. I think that might not be so smart security-wise, especially since I have all kinds of stuff in the "Sites" folder. I just figured that nobody would ever find out that they can access this folder remotely. Do you know if there is a way to test sites (including PHP stuff, not just plain HTML files) locally without letting anyone access it from the Internet?
 
Stealth mode adds a small extra bit of security, but not tons. I usually have it turned on though. The firewall can be handy, but if you have a router, most have a decent firewall on them that helps reduce your vulnerabilities.

While web sharing can potentially leave you a little more vulnerable, it's not a big problem since web servers are made to be accessible by all and yet secure. Tweaking the configuration can make it so it's accessible to you, but not others. There are plenty of tutorials online for this if you're interested. If you just want to do local testing though, I recommend MAMP. It gives you a newer version of the Apache web server, PHP, and MySQL all easily set up. I use it for all of my local web development testing on my Mac.
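One way to do the configuration tweak mentioned above, as an added example that is not part of the original post: bind Apache to the loopback interface only and restrict the Sites directory to local clients. The path `/Users/USERNAME/Sites` is a placeholder, and the active directives assume Apache 2.4 syntax (the 2.2 form is in the comments).

```apache
# Added example. USERNAME is a placeholder for the account's short name.

# 1. Listen on loopback only. A plain "Listen 80" binds every interface,
#    which is what makes the Sites folder reachable from other machines.
#    Remove or comment out any existing "Listen 80" line first.
Listen 127.0.0.1:80
Listen [::1]:80

# 2. Defence in depth: if the Listen lines are ever reverted, the
#    directory itself still refuses anything that is not a local client.
<Directory "/Users/USERNAME/Sites">
    # No automatic file listings for folders without an index page.
    Options -Indexes
    # Ignore .htaccess files so nothing in Sites can loosen these rules.
    AllowOverride None
    # Apache 2.4: allow only 127.0.0.0/8, ::1, or same-host connections.
    Require local
</Directory>

# Apache 2.2 equivalent of "Require local" inside the same <Directory>:
#   Order deny,allow
#   Deny from all
#   Allow from 127.0.0.1 ::1
```

After editing, `apachectl configtest` checks the syntax, and once Apache is restarted `lsof -nP -iTCP:80 -sTCP:LISTEN` should show it bound to `127.0.0.1:80` and `[::1]:80` rather than `*:80`.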
 
Thank you very much. I'm not a big fan of MAMP, I'll go searching for answers on how to tweak it, like you said.

Thanks for the hints!
 